I'm building an application where the backend is an API and the frontend is Angular2.
In a user's registry I do a validation in the API and if a required field is not filled in the API returns an error stating the field that should be mandatory.
My question is in Angular2, whether I should make this mandatory rule as well, or whether I can use the API and simply display the API return.
Well, it does not make much sense to have two places with the same rule.
You're on the right track since validation occurs on the server . And there's nothing wrong with just leaving it there. The only thing wrong is to just leave it on the client.
The user experience may suffer if you wait for the data to be submitted to see if something is wrong. So at the very least you should use the power of the Angular to at least make checks as the data is being entered or manipulated in the frontend . This is already a huge gain. So having an API that allows timely validation and using it is already an advantage.
But let's say that calling the server on every data entry can be an exaggeration. And putting validations on the client itself can be a simplification and a bit of a challenge for the server, even eliminating the chance of failures at the moment, which could prevent the user from continuing until the fault has been corrected (the network may have had a momentary problem. experience tends to get better.
Of course, some validations can not be done on the client side, they need to access the database or even do something that should be privileged. There is no way to guarantee privileges in frontend , anyone can cheat there.
Some people even cache the database on the client, perhaps using Indexed DB or something similar, to avoid that the client makes unnecessary requests to the server. Of course you have to analyze if this is the case, if you will use it frequently, if there is no problem to play this data on the client, if the volume compensates, etc. To tell you the truth almost always that it pays to do this, it was probably a mistake to use web technology.
So it makes a lot of sense to do it on the client too, even if it duplicates effort.
